UNPKG

@poppinss/oauth-client

Version:

A framework agnostic package to implement "Login with" flow using OAuth compliant authorization servers.

github.com/poppinss/oauth-client

poppinss/oauth-client

212 lines (211 loc) 5.7 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
export type KnownHeaders = 'Authorization'; export type KnownOauth1Params = 'oauth_verifier'; export type KnownParams = 'client_id' | 'redirect_uri' | 'oauth_token' | 'code_challenge' | 'code_challenge_method'; export type KnownFields = 'grant_type' | 'redirect_uri' | 'client_id' | 'client_secret' | 'code' | 'code_verifier'; /** * OAuth2 PKCE (RFC 7636) challenge methods. */ export type Oauth2PkceMethod = 'S256' | 'plain'; /** * Base request for making the redirect URL */ export interface RedirectRequestContract { /** * Returns an object of query string params set using * the "param" method */ getParams(): Record<string, any>; /** * Define query string param */ param(key: KnownParams, value: any): this; param(key: string, value: any): this; /** * Clear existing param */ clearParam(key: KnownParams): this; clearParam(key: string): this; /** * Clear request internal state */ clear(): this; } /** * Base request for configuring an API call. The client itself decides if it * wants to make a `POST` call or a `PUT` call. The user is just given the * option to configure other values. */ export interface ApiRequestContract { /** * Returns an object of query string params set using * the "param" method */ getParams(): Record<string, any>; /** * Returns an object of request headers set using * the "header" method */ getHeaders(): Record<string, any>; /** * Returns an object of request form fields set using * the "field" method */ getFields(): Record<string, any>; /** * Returns an object of oauth1 signature params set using * the "oauth1Param" method */ getOauth1Params(): Record<string, any>; /** * Define how to parse the response */ parseAs(type: 'json' | 'text'): this; /** * Set the request content type */ sendAs(type: 'json' | 'urlencoded'): this; /** * Define query string param */ param(key: KnownParams, value: any): this; param(key: string, value: any): this; /** * Clear existing param */ clearParam(key: KnownParams): this; clearParam(key: string): this; /** * Define oauth1Param. The value is not defined in the query string * but used for make the base string for the Authorization header */ oauth1Param(key: KnownOauth1Params | string, value: any): this; oauth1Param(key: string, value: any): this; /** * Clear oauth param by name */ clearOauth1Param(key: KnownOauth1Params): this; clearOauth1Param(key: string): this; /** * Define a custom HTTP header for the request */ header(key: KnownHeaders, value: any): this; header(key: string, value: any): this; /** * Clear header by its name */ clearHeader(key: KnownHeaders): this; clearHeader(key: string): this; /** * Define a form field */ field(key: KnownFields, value: any): this; field(key: string, value: any): this; /** * Clear field by its name */ clearField(key: KnownFields): this; clearField(key: string): this; /** * Clear request internal state */ clear(): this; } /** * --------------------------------------------------- * Oauth2 Types * --------------------------------------------------- */ /** * Base Oauth2 token when client is unknown */ export type Oauth2AccessToken = { /** * Value of the token */ token: string; /** * Token type */ type: string; /** * Refresh token (not all servers returns refresh token) */ refreshToken?: string; /** * Static time in seconds when the token will expire. Usually * exists, when there is a refresh token */ expiresIn?: number; /** * Timestamp at which the token expires. Usually * exists, when there is a refresh token */ expiresAt?: Date; } & Record<string, any>; /** * Base config for Oauth2.0 client */ export type Oauth2ClientConfig = { /** * Client id must be obtained by the authorization server. */ clientId: string; /** * Client secret must be obtained by the authorization server. */ clientSecret: string; /** * Callback URL to your server to handle the response after * a user allows or rejects the OAuth request */ callbackUrl: string; /** * The authorization server URL where the user should be * redirected for the login consent. */ authorizeUrl?: string; /** * The authorization server access token URL from where to exchange * an access token post redirect. */ accessTokenUrl?: string; }; /** * --------------------------------------------------- * OAuth1 Types * --------------------------------------------------- */ /** * Shape of the oauth1 request token response */ export type Oauth1RequestToken = { token: string; secret: string; } & Record<string, any>; /** * Base Oauth1 token when client is unknown */ export type Oauth1AccessToken = Oauth1RequestToken; /** * Base config for the Oauth 1.0 client */ export type Oauth1ClientConfig = Oauth2ClientConfig & { /** * URL for getting the oauth token and secret before the redirect */ requestTokenUrl?: string; }; /** * Options accepted by the Oauth1 signature builder */ export type Oauth1SignatureOptions = { consumerKey: string; consumerSecret: string; method: string; url: string; nonce: string; unixTimestamp: number; params?: any; oauthToken?: string; oauthTokenSecret?: string; };